Millions of WinRAR Users Will Find a Vulnerability All Along 19 Years


WinRAR is one of the most popular data compression utilities using over 500 million users worldwide, and the meme has already been created on the non-expire trial.

However, by now, there is information about a dangerous weakness in this beloved utility, which allows us to copy any other file without our knowledge anywhere in the hard disk of the computer.

Check Point Software Technologies has identified this vulnerability as a result of supporting the old data compression file type ACE file format.

This can change the ACE file to one of the attackers by changing the ACE file to the RAR extension and then copying a dangerous file, such as a virus to the user’s startup folder or any other location, without his knowledge. The next user When the virus is activated, the virus starts to run automatically.

After confirming this discovery, WinRAR was able to fix this vulnerability and distribute it via WinRAR 5.70 beta 1 version.

However, instead of resolving this problem, it is reported that they have removed the ability to open ACE files through the new WinRAR version, which has not been updated since 2007.

There is still no record of this risk in the WinRAR over the past 19 years, and you have no record of using it in the world any time, and if you use WinRAR version 5.70 beta 1, especially if you are using an older version, this risk Getting rid of it.

The ACE file is not open because we do not think we have a risk, but the ACE file is often overridden .rar, or if it is renamed to another extension, the risk is doubled and it is difficult to identify.

Especially the file we downloaded from the Internet, which is a lot of compressed files, is increasing this risk. So do not forget to install and install the latest version of WinRAR.

Background of Fuzzing


Here are the steps to get started with WinRAR

  1. Creating an internal recording in WinRAR’s main task, we can explore any type of archive without specific recordings for each format. This is done by WinRAR Windows.
  2. Unpack the GUI partitions such as message boxes and dialogs that require user interaction. This too can be run on WinRAR.There are also message boxes in the WinRAR CLI type.
  3. Use a giant fluid with a breathtaking book by the University of Oulu, 2005.
  4. Fuzz program using WAFL with WinRAR command-line switches. WinRAR is compelled to break this “broken archive”, and the default passwords (“password” and “-kb” to keep broken uploaded files). We found those options in the WinRAR manual/help file.

After a brief period of time, we were able to find some of the disputes that led to the withdrawal of several effect effects such as RAR, LZH, and ACE. But these risky situations have been exploited by the insufficiency of uncertainties. Because the primary buffer of the buffer was limited

Any attack that exploited this exploit in 19 years, there were times when more than 500 million WinRAR users in the world could do so. If you are one of these users, it is very crucial that you update it quickly so as to ensure that you are not a victim of this exploitation.


Please enter your comment!
Please enter your name here